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WHAT IS CLAIMED IS : 

1. A method for controlling a policy-based network, comprising the 
steps of: 

establishing a first policy within a policy server of the network, wherein 
5 the first policy includes at least a first function and a second function; 

converting the first policy into at least a second policy and a third policy, 
wherein the second policy is associated with the first function and the third policy 
is associated with the second function; 

distributing the second policy and the third policy within the network to at 
10 least one node; and 

controlling the at least one node using the second policy and the third 

policy. 



2. The method of claim 1, wherein the first policy includes at least a 
first policy rule having the first function in the first policy rule and a second 
policy rule having the second function in the second policy rule, and 

wherein the second policy includes at least a third policy rule having the 
first function in the third policy rule, and 

wherein the third policy includes at least a fourth policy rule having the 
second function in the fourth policy rule. 



3. The method of claim 2, wherein the third policy rule defines a 
virtual flow label value and the fourth policy rule is associated with the virtual 
flow label value. 
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4. The method of claim 1, wherein the first policy includes at least a 
first policy rule having the first function in an action part of the first policy rule 
and a second policy rule having a first reference and having the second function in 
an action part of the second policy rule, 

5 wherein the first function modifies the contents of a field in each of a 

plurality of data packets, 

wherein the first reference refers to a value of the field modified by the 
first function, 

wherein the second policy includes at least a third policy rule having the 
10 first function and a virtual flow label value in an action part of the third policy 

rule and a fourth policy rule having the first reference in a condition part of the 
fourth policy rule, and 

wherein the third policy includes at least a fifth policy rule having a 
reference to the virtual flow label value in a condition part of the fifth policy rule 
15 and having the second function. 

5. The method of claim 1, wherein the first policy includes at least a 
first policy rule having a first reference in a condition part of the first policy rule 
and a second policy rule having a second reference and having a second function 

20 in an action part of the second policy rule, 

wherein the first reference refers to the contents of a field in each of a 
plurality of data packets, 

wherein the second reference refers to a value of the field modified by the 
first function, 

25 wherein the second policy includes at least a third policy rule having the 

first reference in a condition part of the third policy rule and a fourth policy rule 
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having the second reference and a virtual flow label in a condition part of the 
fourth policy rule, and 

wherein the third policy includes at least a fifth policy rule having a 
reference to the virtual flow label in a condition part of the fifth policy rule and 
5 having the second function. 

6. The method of claim 1, wherein the first policy includes a list of 
condition parts of policy rules included in the first policy, 

wherein the second policy includes a list of condition parts of policy rules 
10 included in the second policy, 

wherein the third policy includes a list of condition parts of policy rules 
included in the third policy, and 

wherein the list of condition parts included in the first policy is equal to 
the list of condition parts included in the second policy and the list of condition 
15 parts included in the third policy. 

7. The method of claim 1, wherein the first policy includes at least a 
first policy rule having at least a first condition and a second condition in a 
condition part of the first policy rule, wherein the first condition and the second 

20 condition are coupled with a logical "OR" operator, 

wherein the second policy includes at least a second policy rule having the 
first condition in a condition part of the second policy rule and a third policy rule 
having the second condition in a condition part of the third policy rule, and 

wherein the third policy includes at least a fourth policy rule having the 
25 first condition in a condition part of the fourth policy rule and a fifth policy rule 

having the second condition in a condition part of the fifth policy rule. 
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8. The method of claim 1, wherein the first policy includes at least a 
first policy rule having at least a first condition and a second condition in a 
condition part of the first policy rule, wherein the first condition and the second 
condition are coupled with a logical "OR" operator, 

wherein the second policy includes at least a second policy rule having the 
first condition in a condition part of the second policy rule and a third policy rule 
having the second condition in a condition part of the third policy rule, wherein 
the second policy rule includes, in an action part of the second policy rule, a 
marking action of a first value in a field in each of a plurality of data packets, 
wherein the third policy rule includes, in an action part of the third policy rule, a 
marking action of the first value in the field in each of the plurality of data 
packets, and 

wherein the third policy includes at least a fourth policy rule, and a 
condition part of the fourth policy rule determines whether the field in each of the 
plurality of data packets includes the first value. 

9. The method of claim 1, wherein the first policy includes at least a 
first policy rule having at least a first condition and a second condition in a 
condition part of the first policy rule, wherein the first condition and the second 
condition are coupled with a logical "OR" operator, 

wherein the second policy includes at least a second policy rule having the 
first condition in a condition part of the second policy rule and a third policy rule 
having the second condition in a condition part of the third policy rule, wherein 
the second policy rule and the third policy rule each define a first virtual flow 
label value, and 
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wherein the third policy includes at least a fourth policy rule, and a 
condition part of the fourth policy rule determines the first virtual flow label 
value. 

10. A method for controlling a policy-based network, comprising the 
steps of: 

establishing at least a first policy and a second policy within a policy 
server of the network, wherein the first policy includes at least a first function and 
the second policy includes at least a second function; 

converting the first policy and the second policy into a third policy, 
wherein the third policy is associated with the first function and the second 
function; 

distributing the third policy within the network to at least one node; and 
controlling the at least one node using the third policy. 

11. The method of claim 10, wherein the first policy includes at least a 
first policy rule having the first function in an action part of the first policy rule, 
and 

wherein the second policy includes at least a second policy rule having the 
second function in an action part of the second policy rule, and 

wherein the third policy includes at least a third policy rule having the first 
function in an action part of the third policy rule and a fourth policy rule having 
the second function in an action part of the fourth policy rule. 

12. The method of claim 10, wherein the first policy includes at least a 
first policy rule having a first condition in a condition part of the first policy rule 
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and having in an action part of the first policy rule a marking action of a first 
value of a field in each of a plurality of data packets, 

wherein the second policy includes at least a second policy rule, a 
condition part of the second policy rule determining whether the field in each of 
the plurality of data packets contains the first value, and having the first function 
in an action part of the second policy rule, and 

wherein the third policy includes at least a third policy rule and a fourth 
policy rule, 

wherein the third policy rule includes the first condition in a condition part 
of the third policy rule and the first function in an action part of the third policy 
rule, and 

wherein the fourth policy rule includes a condition part for determining 
whether the field in each of the plurality of data packets contains the first value, 
and includes the first function in an action part of the fourth policy rule. 

13. The method of claim 10, wherein the first policy includes at least a 
first policy rule and a second policy rule, 

wherein the first policy rule includes a first condition in a condition part of 
the first policy rule and includes in an action part of the first policy rule a marking 
action of a first value of a field in each of a plurality of data packets, 

wherein the second policy rule includes a second condition in a condition 
part of the second policy rule, 

wherein the second policy includes at least a third policy rule having a 
condition part determining whether the field in each of the plurality of data 
packets includes the first value, and having in an action part of the third policy 
rule the first function, and 
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wherein the third policy includes at least a fourth policy rule and a fifth 
policy rule, 

wherein the fourth policy rule includes the first condition in a condition 
part of the fourth policy rule and the first function in an action part of the fourth 
5 policy rule, and 

wherein the fifth policy rule includes the second condition and a condition 
part for determining whether the field in each of the plurality of data packets 
contains the first value, and includes the first function in an action part of the fifth 
policy rule. 

10 

14. A system for controlling a policy-based network, comprising: 
a policy server for establishing policies; 

conversion means for converting at least one of a high-level policy into a 
plurality of low-level policies and a plurality of high-level policies into a low-level 
15 policy; 

distributing means for distributing within the network at least one of the 
low-level policy and the plurality of low-level-policies; 

a network node for receiving at least one of the low-level policy and the 
plurality of low-level-policies. 

20 

15. The system of claim 14, wherein the conversion means converts 
both the high-level policy into the plurality of low-level policies and the plurality 
of high-level policies into the low-level policy. 
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